HP-UX 11i Security Containment Administrator's Guide for HP-UX 11i v2

applications using HP-UX RBAC, refer to “Configuring HP-UX RBAC with Fine-Grained
Privileges”.
TIP: HP recommends you use HP-UX RBAC to configure applications that must run with different
privileges depending on who is running them.
To configure applications to use fine-grained privileges, use the setfilexsec command as
follows:
# setfilexsec [options] filename
The options for setfilexsec are as follows:
-d
Deletes any security information for this file from both the configuration file and the kernel.
-D
Deletes any security information for this file from the configuration file only. Use this option to
clear the security information for a file that has already been deleted.
-r
Adds or changes the minimum retained privileges.
-R
Adds or changes the maximum retained privileges.
-p
Adds or changes the minimum permitted privileges.
-P
Adds or changes the maximum permitted privileges.
-f
Sets the security attribute flags.
Privilege Model
When you execute an application (binary file), it becomes a process. Every process has privilege
sets associated with it; these privilege sets are generated when the process is created. Processes
running from the same binary file can therefore have different privileges at different invocations.
Each process has three sets of privileges associated with it. These are the following:
Permitted Privileges
The maximum set of privileges a process can raise. A process can drop any privilege from
this set, but cannot add any privileges to this set.
Effective Privileges
The set of privileges that is currently active for a process. A privilege-aware process can
modify its effective privileges so that only necessary privileges are active at any given time.
A process can remove any privilege from the effective privilege set, but can only add
privileges from the permitted privilege set.
The effective privilege set is always a subset of the permitted privilege set.
Retained Privileges
The set of privileges that the current process passes to a new program when it executes that
program via the execve() system call. A process can remove privileges from this set, but
cannot add privileges to this set.
The retained privilege set is always a subset of the permitted privilege set.
Compound Privileges
Compound privileges are a shorthand way of specifying a set of simple privileges that can be
granted to a process as a group.
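The following C program is an added example that models the three privilege sets and the rules for changing them described under "Privilege Model", together with a compound privilege as described above. It is not HP-UX code and does not use the HP-UX privilege API: the privilege bit names (PRIV_DACREAD, PRIV_DACWRITE, PRIV_NETPRIVPORT, PRIV_OWNER), the compound privilege PRIV_COMPOUND_DAC, and the rule that a new image starts with all three sets equal to the parent's retained set are assumptions made for the illustration; how setfilexsec attributes on the executed file adjust the sets is not modeled.

```c
/* Added example (not HP-UX code): a model of the three privilege sets a
 * process carries and of the rules the page states for changing them.
 * Privilege bit names, the compound privilege and the exec-time rule are
 * assumptions made for this illustration only. */
#include <stdint.h>
#include <stdio.h>

typedef uint32_t privset_t;                 /* one bit per simple privilege */

/* Hypothetical simple privileges (names chosen for the example). */
#define PRIV_DACREAD      (1u << 0)
#define PRIV_DACWRITE     (1u << 1)
#define PRIV_NETPRIVPORT  (1u << 2)
#define PRIV_OWNER        (1u << 3)

/* A compound privilege: shorthand for granting a group of simple privileges. */
#define PRIV_COMPOUND_DAC (PRIV_DACREAD | PRIV_DACWRITE)

struct process {
    privset_t permitted;   /* upper bound: can shrink, never grow */
    privset_t effective;   /* active now: always a subset of permitted */
    privset_t retained;    /* handed to the new image on execve(): subset of permitted */
};

/* The two subset invariants stated on the page. */
int priv_invariants_ok(const struct process *p)
{
    return (p->effective & ~p->permitted) == 0 &&
           (p->retained  & ~p->permitted) == 0;
}

/* Removing privileges from the effective set is always allowed. */
void priv_drop_effective(struct process *p, privset_t set)
{
    p->effective &= ~set;
}

/* Raising effective privileges is allowed only from the permitted set.
 * Returns 0 on success, -1 (changing nothing) if any bit is not permitted. */
int priv_raise_effective(struct process *p, privset_t set)
{
    if (set & ~p->permitted)
        return -1;
    p->effective |= set;
    return 0;
}

/* Dropping from permitted is irreversible; the bits must also leave the
 * effective and retained sets, or the subset invariants would break. */
void priv_drop_permitted(struct process *p, privset_t set)
{
    p->permitted &= ~set;
    p->effective &= ~set;
    p->retained  &= ~set;
}

/* The retained set can shrink but never grow. */
void priv_drop_retained(struct process *p, privset_t set)
{
    p->retained &= ~set;
}

/* Privilege bracketing in a privilege-aware program: raise a privilege only
 * around the operation that needs it, then drop it again. Returns the
 * effective set the operation ran with, or 0 if it could not be raised. */
privset_t priv_bracket(struct process *p, privset_t needed)
{
    privset_t during;
    if (priv_raise_effective(p, needed) != 0)
        return 0;
    during = p->effective;      /* the privileged operation would run here */
    priv_drop_effective(p, needed);
    return during;
}

/* execve(): the retained set is what the current process gives the new
 * program. Assumption for this model: the new image starts with all three
 * sets equal to it (file attributes set with setfilexsec are not modeled). */
struct process priv_exec_transition(const struct process *parent)
{
    struct process child;
    child.permitted = parent->retained;
    child.effective = parent->retained;
    child.retained  = parent->retained;
    return child;
}

/* Walks a process through the rules. Returns 0 if every step behaves as the
 * page describes, otherwise the number of the first step that did not. */
int privilege_model_scenario(void)
{
    struct process p = { PRIV_COMPOUND_DAC | PRIV_NETPRIVPORT, 0,
                         PRIV_DACREAD | PRIV_NETPRIVPORT };
    struct process child;

    if (!priv_invariants_ok(&p))                                 return 1;
    if (priv_raise_effective(&p, PRIV_OWNER) != -1)              return 2; /* not permitted */
    if (p.effective != 0)                                        return 3; /* failed raise changed nothing */
    if (priv_bracket(&p, PRIV_NETPRIVPORT) != PRIV_NETPRIVPORT)  return 4; /* raised from permitted */
    if (p.effective != 0)                                        return 5; /* dropped again after use */
    priv_drop_permitted(&p, PRIV_DACREAD);
    if (p.retained != PRIV_NETPRIVPORT || !priv_invariants_ok(&p)) return 6; /* retained shrank too */
    if (priv_raise_effective(&p, PRIV_DACREAD) != -1)            return 7; /* cannot come back */
    child = priv_exec_transition(&p);
    if (child.permitted != PRIV_NETPRIVPORT)                     return 8; /* DACWRITE was not retained */
    if (!priv_invariants_ok(&child))                             return 9;
    return 0;
}

int main(void)
{
    printf("privilege model scenario: %s\n",
           privilege_model_scenario() == 0 ? "all rules held" : "rule violated");
    return 0;
}
```

Step 8 of the scenario is the point a practitioner most often misses: PRIV_DACWRITE was permitted in the parent but never retained, so it does not survive execve(). A program that needs a privilege in a child it spawns has to keep that privilege in its retained set, not only in its permitted set.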